In June of 2012, the European Council approved the European Union’s General Data Protection Regulation draft. The soon-to-be-approved final law is an updated version of the EU’s 1995 data protection rules, intended to bolster online privacy rights. The EU’s effort to consolidate privacy laws stands in contrast to the U.S.’s consistent battles with mass data collection by big business and government agencies.
Privacy—a broad and nebulous term—is treated differently in the European Union than it is in the U.S. According to Brian Kudowitz, commercial product director for privacy and data security at Bloomberg Law, privacy is “essentially a human right” in the EU. Whereas the EU has comprehensive law protecting privacy in all its forms—especially with the GDPR initiative—the U.S. deals with the protection of information in a series of laws that regulate different sectors.
The EU’s focus on privacy can be explained in historical terms, Kudowitz added. “You go back to all of the different things that have occurred in Europe over the last 70 years, it’s very easy to see how that perspective developed.”
In a recent Eurobarometer survey, 67 percent of Europeans said they were concerned about not having control over what information was provided about them on the Internet, and 70 percent expressed concern about how companies used their information.
Beyond what everyday citizens think of privacy, businesses and government agencies operate differently in the U.S. than in the EU as well. Organizations protect data proactively in the EU, whereas breaches of privacy are dealt with retroactively in the U.S.
According to Phil Lee, a representative at the multinational law firm Fieldfisher, “[t]his is partially because class action regimes aren’t well developed in the EU. EU countries don’t have a concept of punitive damages in the same way that you do in the U.S.”
Article via Legaltech News, December 22, 2015